The Web and AJAX have many deficiencies, including security holes, and much more needs to be done to iron out these problems, according to a keynote speaker at The Rich Web Experience conference in San Jose.
"The sad thing was the Web was a step backward in terms of interactivity when it debuted," Crockford said.
It looked like Java would fix the problem with applets. "Unfortunately, Java was a huge failure. It completely collapsed. It didn't meet any of its goals," he said. Java's write-once, run-everywhere promise was not kept; it had an unworkable security model and a tedious UI model, said Crockford. Java did, however, become very successful on the server, he added.
AJAX applications are highly interactive, highly social, easy to use, and offer great network efficiency, according to Crockford. "The big problem is that it is too damn hard to write these apps," he said.
"The most interesting innovation in software development in 20 years has got to be the mashup," which shows the benefits of distributed programming. "Unfortunately, mashups are insecure [in the browser]," said Crockford, with components unable to be protected from each other.
The model in the browser is fully broken and needs to be fixed, he said. "The Web is an exploit waiting to happen," Crockford said.
Crockford then went through a critique of various Web technologies.
HTML raises questions about whether it is a document format or an application delivery format; it has low graphical ability and is missing a compositing model. With AJAX, HTML needs to be an application delivery format, said Crockford. XHTML was supposed to replace HTML, but it died because it was too brittle, he said.
CSS (Cascading Style Sheets) presents a styling layer in the browser, but it is slow, complex, and incredibly fragile. "It surprises me that there is not a greater call for its replacement," Crockford said.
XML is complicated and inefficient, he said. "Fortunately, XML has been replaced by JSON," Crockford said. "This gives me some confidence that we can fix the standards in the Web. This is our first success at that."